Security developer has 100 days to get the Biden administration to change its mind
The Biden administration has announced plans to ban the sale of Kaspersky Lab’s antivirus software in the United States owing to concerns over alleged close ties to Russia. The restrictions go into effect 29 September, 100 days after the ban was published. This is not the first time Kaspersky has been in the crosshairs of regulators. In 2017, the US Department of Homeland Security banned the antivirus product on federal networks.
In 2018, the Netherlands also decided to phase out the central government’s use of antivirus software from Russia’s Kaspersky Lab. In response, the company decided to move its core operations from Russia to Switzerland. The measures included moving data storage and processing for a number of regions, relocating software assembly and opening the first Transparency Center.
Pressure on the company’s US operations grew after Moscow declared war on Kiev. Andrew Borene, executive director for global security at threat intelligence firm Flashpoint, said: “This decision is a logical reflection of the tectonic shifts that are dividing economies along the lines of power competition between allies and the Russia/China/Iran/North Korea digital domain; these divides obviously extend into private sector actors as well. Kaspersky has a history of problems with US, Canadian and other allied governments – banning its use for US security probably is a wise choice in many cases, particularly in the categories of civilian critical infrastructure at state/local/municipal level whether that infrastructure is inherently governmental or privately owned and operated.”
Kaspersky, which has a British holding company, has more than 220,000 corporate customers in about 200 countries. Customers include Italian vehicle manufacturer Piaggio and the Qatar Olympic Committee.
Adam Maruyama, field CTO, Garrison Technology, said: “The administration’s move to ban Kaspersky Lab products in the United States underscores the stakes of security products gone bad, wherein the privileges that are supposed to be used to protect networks and systems are instead used to subvert security mechanisms, deploy malware, and steal data. But deliberate seeding of such capabilities via a commercially available product is only the tip of the iceberg. In their report on zero-days exploited in the wild in 2023, Google noticed a marked increase in attacks against enterprise security software including detection and response, VPN, and firewall operating systems. Left unchecked, this rise in exploits could provide attackers the same privileged access they would have had if administrators installed compromised software.”
Maruyama continues: “As threat actors become more sophisticated and look to privileged services such as security software to gain and maintain persistent access, the cybersecurity community needs to rethink the way we consider security solutions. The cyber security community, particularly in the high-threat sectors of government and critical infrastructure, must consider innovative solutions like using fixed-function, deterministic components such as FPGAs rather than malleable software solutions to enforce critical security functions. If we don’t fundamentally rethink the way we approach and enforce security, our most sophisticated adversaries will continue to subvert the software meant to keep us safe – whether it’s by shipping compromised software or attacking and compromising legitimately-developed solutions.”